Presentation is loading. Please wait.

Presentation is loading. Please wait.

IPv6 Testing Etienne Dublé - CNRS/UREC EGEE SA2

Published byWalter Logan Modified over 6 years ago

Similar presentations

Presentation on theme: "IPv6 Testing Etienne Dublé - CNRS/UREC EGEE SA2"— Presentation transcript:

1 IPv6 Testing Etienne Dublé - CNRS/UREC EGEE SA2
Mario Reale – GARR EGEE SA2 Thursday November 6, 2008 – Prague – JRA1 / SA3 All Hands Meeting This document is available at

2 IPv6 overview in 3 slides minimal set of things to know about IPv for software developers and testers

3 by the way….. Why IPv6 ? Main point: IPv4 addresses are getting more and more scarce Some features of IPv6 are not available in IPv4 (extensible header/protocol, embedded security and mobility, host auto-configuration…)

4 IPv6 in a nutshell (3 slides)
IPv6 Addresses 128 bits Represented by 8 hexadecimal blocks separated by colons “:” Relevant address types: loopback, link-local, global-unicast IPv6 network behavior plug and play features: Auto-configuration of the link local address Auto-configuration of a global IPv6 address as soon as an IPv6 router advertises itself (another option is to use DHCPv6 – similar to DHCPv4) Neighbor Discovery Manages link control information (replaces ARP, ICMP redirect, and others) Routing Works essentially like IPv4 routing DNS has analogous roles w.r.t. IPv4 DNS Although not identical

5 IPv6 Overview: Addresses
Base format Compact format Literal representation URL 2001:0660:3003:0001:0000:0000:6543:210F 2001:0660:3003:0001:0000:0000:6543:210F 2001:660:3003:1::6543:210F [2001:660:3003:1::6543:210F] 2001:660:3003:1:0:0:6543:210F 2001:660:3003:1:0:0:6543:210F 2001: 660:3003: 1: 0: 0:6543:210F Link-local address: Starts with FE80:: Limited to the physical link, not routable, not usable for sockets Global unicast address: Unique in the world You may have several addresses on one interface. Example: inet6 addr: 2001:760:0:106::21/64 Scope:Global inet6 addr: fe80::20c:29ff:fed7:c812/64 Scope:Link

6 IPv6 Overview: DNS New AAAA record for IPv6 addresses:
myhost in A AAAA 2001:660:3002:7000::1 Example DNS query: host –t AAAA ui.dir.garr.it Result: ui.dir.garr.it has AAAA address 2001:760:0:159::212 Important change in applications to resolve names The gethostbyname() deprecated function returned one IPv4 address OLD The getaddrinfo() IPv6 compliant function returns a list of addresses (IPv4 and IPv6) NEW

7 IPv6 Linux node configuration

8 How to configure IPv6 on my Linux node
IPv6 is supported since Linux kernel 2.4 If IPv6 is supported by my kernel, the file /proc/net/if_inet6 must be there If not I can try to load the IPv6 module: modprobe ipv6 Otherwise I need to re-build my kernel enabling IPv6 IPv6 address configuration Link local address: set automatically when IPv6 is enabled Global address: can be set manually provided by autoconfiguration provided by DHCPv6

9 Manual IPv6 interface configuration
Edit the /etc/sysconfig/network file and set there NETWORKING_IPv6=yes IPV6_DEFAULTGW=<the IPv6 address of your default IPv6 g/w> Edit the /etc/sysconfig/network-scripts/ifcfg-eth0 file and set there IPV6INIT=yes IPV6ADDR=<my IPv6 address> Edit the /etc/resolv.conf file and set IPv6 address of your IPv6 DNS: nameserver <IPv6 address of name server> Restart the network: service network restart

10 IPv6 configuration and management
To dynamically add an IPv6 address and g/w: /sbin/ifconfig eth0 inet6 add 2001:760:4004:218::36 route --inet6 add default gw 2001:760:4004:218::1 To print IPv6 routes: /sbin/route -n --inet6 Am I using IPv4 or IPv6 right now on my host? shows a dancing turtle if IPv6 is being used

11 Socket servers on dual-stack systems

12 Servers with two sockets
IPv4 & IPv6 enabled Server application with two sockets w.x.y.z IPV6_V6ONLY socket option must be SET IPv4 & IPv6 enabled Server application with only one IPv6 socket ::FFFF:w:x:y:z IPV6_V6ONLY socket option must be UNSET Dual-stack OS h:h:h:h:h:h:h:h Socket API TCP / UDP h:h:h:h:h:h:h:h IPV4 stack IPV6 stack w.x.y.z h:h:h:h:h:h:h:h Device drivers w.x.y.z h:h:h:h:h:h:h:h

13 IPv4 connection to an IPv6 socket
If the IPV6_V6ONLY option is not set or unset, the IPv6 socket may or may not accept IPv4 connections, depending on the system parameter /proc/sys/net/ipv6/bindv6only. => The program will act differently on different systems!

14 How to assess IPv6 compliance… - ‘by hand’?

15 Listening socket(s) test
How to check which kind(s) of listening socket(s) a server opened: IPv6_test]$ netstat –lnpt | grep 20001 Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp ::: :::* LISTEN 36853/server_one_so IPv6_test]$ netstat –lnpt | grep 20000 IPv6_test]$ netstat –lnpt | grep 20001 Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp ::: :::* LISTEN 36853/server_one_so IPv6_test]$ netstat –lnpt | grep 20000 tcp : :* LISTEN 32343/server_two_so tcp ::: :::* LISTEN 32343/server_two_so IPv6_test]$ IPv6_test]$ netstat –lnpt | grep 20001 IPv6_test]$ IPv6_test]$ netstat –lnpt | grep 20001 Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp ::: :::* LISTEN 36853/server_one_so IPv6_test]$

16 Established sockets test
How to check that a supposed IPv6 client (respectively IPv4) really connects through IPv6 (respectively IPv4) (*): (*) When applicable: to be done while the client is connected. IPv6_test]$ netstat –npt | grep 20001 Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp :660:3302:7003::2: :660:3302:7003::3: ESTABLISHED 8046/server_one_soc tcp :660:3302:7003::3: :660:3302:7003::2: ESTABLISHED 8047/client IPv6_test]$ IPv6_test]$ IPv6_test]$ netstat –npt | grep 20001

17 Other possible checks lsof –i –n (returns the same kind of information as: netstat –lnpt ; netstat –npt) Tests with a packet sniffer (tcpdump, wireshark…)

18 How to assess IPv6 compliance… - by using the static code checker?

19 The IPv6 static code checker
What is it? A bash script seeking for evident non IPv6 compliant patterns in the source code of the gLite modules How to use it? By checking the IPv6 metric of the code quality assurance, on the ETICS build system (see next slides) You can submit an IPv6 check job for example on the org.glite.data.transfer-fts gLite component: etics-submit build -p ipv6check="True“ \ org.glite.data.transfer-fts Optionally the tool can also be used by hand, on the modules code Reference information available from

20 Usage example Known limitations of the tool:
May detect calls in parts of the code which are actually not executed: Patterns in comments (/* gethostbyname() */) Pre-compiler instructions ignored (#ifdef USE_FLAG …) Code like “if (ipv6_disabled) { <ipv4-only-code> }” Only detects suspect non compliant patterns (there may be other kinds of non-ipv6 compliance) It is not 100% efficient but it provides clear hints to be verified about non-IPv6 compliance.

21 Usage example Click Here Click Here

22 How to assess IPv6 compliance… - by using the dynamic (runtime) IPv6 checker?

23 LD_PRELOAD mechanism BEFORE Program ---------------- Main() { …
Call f() …} Shared Library 1 Function f() {…} Shared Library 1 Function f() {…} LD_PRELOAD=/path/to/library/A AFTER Program Main() { … Call f() …} Preloaded shared Library A Function f() { <added functionality> Call RTLD_NEXT f() } Shared Library 1 Function f() {…} Shared Library 1 Function f() {…}

24 Dynamic IPv6 checker mechanism
LD_PRELOAD=/path/to/dynamic-code-checker-library Program <name> Main() { … gethostbyname(…) …} Preloaded dynamic code checker library gethostbyname(…) { Generate a file in /proc/ipv6_warnings/<name>/<pid> Call RTLD_NEXT gethostbyname() } ... <other_non_ipv6_compliant functions> C Standard Shared Library gethostbyname() {… } C Standard Shared Library gethostbyname() {… }

25 Usage example Usage example: we want to test a program called test.py
test.py is normally run this way: In order to check IPv6 compliance we run: It seems that the standard behavior is not affected (it still returns the same thing). But actually a warning has been generated in /tmp/ipv6_warnings (see next slide). test]$ ./test.py test]$ ./test.py test]$ test]$ test]$ LD_PRELOAD=/home/duble/ipv6_checker/libipv6_checker.so ./test.py test]$ test]$ test]$ LD_PRELOAD=/home/duble/ipv6_checker/libipv6_checker.so ./test.py

26 Usage example Let’s check it:
This shows that “test.py” has been run twice, and the two numbers are the corresponding PIDs. The process we just ran is the last directory created: There was only one problem detected, represented by the file “getaddrinfo_AF_INET”. test]$ ls /tmp/ipv6_warnings/ java server.py test.pl test.py test]$ ls /tmp/ipv6_warnings/test.py test]$ ls /tmp/ipv6_warnings/ java server.py test.pl test.py test]$ ls /tmp/ipv6_warnings/test.py test]$ ls /tmp/ipv6_warnings/ java server.py test.pl test.py test]$ test]$ ls /tmp/ipv6_warnings/ test]$ test]$ ls -1rt /tmp/ipv6_warnings/test.py 18552 18555 test]$ ls /tmp/ipv6_warnings/test.py/18555/ test]$ ls -1rt /tmp/ipv6_warnings/test.py 18552 18555 test]$ ls /tmp/ipv6_warnings/test.py/18555/ getaddrinfo_AF_INET test]$ ls -1rt /tmp/ipv6_warnings/test.py test]$ test]$ ls -1rt /tmp/ipv6_warnings/test.py 18552 18555 test]$

27 Usage example The content of the file gives a description of the problem, and a solution: test]$ cat /tmp/ipv6_warnings/test.py/18555/getaddrinfo_AF_INET PROBLEM DETECTED: This program uses getaddrinfo() with hints->ai_family set to AF_INET. […] SOLUTION: Use getaddrinfo() with AF_UNSPEC […] in order to be address-family agnostic. test]$ test]$ cat /tmp/ipv6_warnings/test.py/18555/getaddrinfo_AF_INET

28 Advantages / Drawbacks
It works with all non-static programs, and also with Python, Perl scripts and Java code because their respective interpreter / virtual machine is dynamically linked with the standard C library It does not affect the standard behavior of the program It may easily be run for all programs on a node: Drawbacks: The tool only detect non-IPv6-compliant function calls. There may be other (not common) kinds of non-IPv6 compliance problems which will not be detected. It does not provide any source file name and line number. It is complementary to the static code checker. test]$ export LD_PRELOAD=/home/duble/ipv6_checker/libipv6_checker.so

29 Testbed, tools, and documents provided by SA2 for IPv6 testing

30 SA2 gLite IPv6 testbed at GARR
UI VOMS LB WMS CE WN1 WN2 BDII DPMH DPMD LFC PX (JobMon) DEV DEV2 ETICS e2eMON1 e2eMON2 installed to be installed NAT PT ICE CREAM 30

31 Testbed features UI account available for testers/developers SA2/JRA1/SA3 other kinds of access to testbed nodes can be agreed Other information: Each node can be configured in IPv4, IPv6, Dual Stack The following gLite-relatd VOs are supported: egee, dteam, infngrid, garr, eumed, euchina gLite version is 3.1 services are deployed on Scientific Linux CERN 4.6 31

32 Other SA2 provided tools and documents
Reference documents on IPv6 for gLite developers: (all on SA2 EDMS or Wiki page) Guide to IPv6 compliant programming in C/C++, Java, Python and Perl: Provides a sample TCP client and server for each programming language Explains advantages/drawbacks/limitations of each language regarding IPv6 How to make sure the IPv6 behavior of your application is as expected Assessment of the current status of the gLite external packages overall Selected IPv6 compliance studies for specific packages: gSOAP, Axis / Axis2, Boost:asio, gridFTP Assessment of the IPv6 compliance of gLite components: DPM, LFC Provisioning of specific IPv6 introductory tutorials for gLite developers In collaboration with ETICS: IPv6 resources inside the metronome pool A whole dedicated ETICS project for IPv6 studies 32

33 Conclusion FINAL GOAL: General support on IPv6 for the gLite developers We are fully available and open for discussions on how to move on in the next months. Thank You. 33

Download ppt "IPv6 Testing Etienne Dublé - CNRS/UREC EGEE SA2"

Similar presentations

EGEE-III INFSO-RI-222667 Enabling Grids for E-sciencE www.eu-egee.org EGEE and gLite are registered trademarks Etienne Dublé - CNRS/UREC EGEE SA2 Mario.

EGEE-III INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Etienne Dublé - CNRS/UREC EGEE SA2 Mario.
Transitioning to IPv6 April 15,2005 Presented By: Richard Moore PBS Enterprise Technology.

Transitioning to IPv6 April 15,2005 Presented By: Richard Moore PBS Enterprise Technology.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Implementing IP Addressing Services Accessing the WAN – Chapter 7.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Implementing IP Addressing Services Accessing the WAN – Chapter 7.
Socket Programming with IPv6. Why IPv6? Addressing and routing scalability Address space exhaustion Host autoconfiguration QoS of flow using flowlabel.

Socket Programming with IPv6. Why IPv6? Addressing and routing scalability Address space exhaustion Host autoconfiguration QoS of flow using flowlabel.
IPV6. Features of IPv6 New header format Large address space More efficient routing IPsec header support required Simple automatic configuration New protocol.

IPV6. Features of IPv6 New header format Large address space More efficient routing IPsec header support required Simple automatic configuration New protocol.
Implementing IPv6 Module B 8: Implementing IPv6

Implementing IPv6 Module B 8: Implementing IPv6
Module 4: Configuring Network Connectivity

Module 4: Configuring Network Connectivity
Chapter 8b Intro to Routing & Switching.  Upon completion of this chapter, you should be able to:  Describe the structure of an IPv4 address.  Describe.

Chapter 8b Intro to Routing & Switching.  Upon completion of this chapter, you should be able to:  Describe the structure of an IPv4 address.  Describe.
Chapter 23: ARP, ICMP, DHCP IS333 Spring 2015.

Chapter 23: ARP, ICMP, DHCP IS333 Spring 2015.
Lecture Week 7 Implementing IP Addressing Services.

Lecture Week 7 Implementing IP Addressing Services.
TCP/IP Tools Lesson 5. Objectives Skills/ConceptsObjective Domain Description Objective Domain Number Using basic TCP/IP commands Understanding TCP/IP3.6.

TCP/IP Tools Lesson 5. Objectives Skills/ConceptsObjective Domain Description Objective Domain Number Using basic TCP/IP commands Understanding TCP/IP3.6.
Linux Operations and Administration

Linux Operations and Administration
SUSE Linux Enterprise Server Administration (Course 3037) Chapter 7 Connect the SUSE Linux Enterprise Server to the Network.

SUSE Linux Enterprise Server Administration (Course 3037) Chapter 7 Connect the SUSE Linux Enterprise Server to the Network.
M. Taimoor Khan * Java Server Pages (JSP) is a server-side programming technology that enables the creation of dynamic,

M. Taimoor Khan * Java Server Pages (JSP) is a server-side programming technology that enables the creation of dynamic,
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Network Addressing Networking for Home and Small Businesses – Chapter 5.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Network Addressing Networking for Home and Small Businesses – Chapter 5.
Summary of Certification Process (part 1). IPv6 Client IPv6 packets inside IPv4 packets.

Summary of Certification Process (part 1). IPv6 Client IPv6 packets inside IPv4 packets.
Implementing IP Addressing Services Accessing the WAN – Chapter 7.

Implementing IP Addressing Services Accessing the WAN – Chapter 7.
1 Apache. 2 Module - Apache ♦ Overview This module focuses on configuring and customizing Apache web server. Apache is a commonly used Hypertext Transfer.

1 Apache. 2 Module - Apache ♦ Overview This module focuses on configuring and customizing Apache web server. Apache is a commonly used Hypertext Transfer.
Module 12: Routing Fundamentals. Routing Overview Configuring Routing and Remote Access as a Router Quality of Service.

Module 12: Routing Fundamentals. Routing Overview Configuring Routing and Remote Access as a Router Quality of Service.
FP6−2004−Infrastructures−6-SSA-026634 IPv6 and Grid Middleware: the EUChinaGRID experience Gabriella Paolini – GARR Valentino.

FP6−2004−Infrastructures−6-SSA IPv6 and Grid Middleware: the EUChinaGRID experience Gabriella Paolini – GARR Valentino.

Similar presentations

Ads by Google